If we have no degasser or disk crusher in our organization what can we do with our old hard disks?
A: Since we have no means of destroying them, we have done our due care and we can recycle them with the rest of the electronic waste.
B: We can pay another company to do it.
C: We can overwrite all the functional disks and the rest we can ignore since they are damaged anyways.
D: We can throw them in a lake or the ocean.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer

B: If we do not have the means for proper data destruction, we can pay another company to do so. They obviously have to be licensed to do so and adhere to all our security policies.

In software testing a black box test would have how much information?
A: Just the software, no source code.
B: The software, source code, data structures and variables.
C: User logs, access entries and project plan.
D: A version of the software, but only the cripple ware version.

Almost anyone with cybersecurity experience and realistic salary expectations can find immediate employment. There may be a small percentage of the cyber workforce who are in between jobs, some who have resigned to explore new opportunities, and others who are unrealistic about which positions they qualify for (and the compensation commensurate with their experience) — but there’s an abundance of positions available for cybersecurity pros.

Cybercrime damages are predicted to cost the world $6 trillion annually by 2021, up from $3 trillion in 2015… and the world will spend $1 trillion cumulatively over the next five years from 2017 to 2021 on cybersecurity products and services to combat cybercrime. These figures suggest the cyber employment problem will get worse before it gets better.

We interviewed several industry experts who corroborate the unemployment rate, and share the recruiting challenges that come with it.

How many backup tapes would we use to restore all the data if we do weekly full backups Sunday at midnight and daily incrementals at midnight and the system fails Wednesday afternoon?
A: 2
B: 3
C: 1
D: 4

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer

B: We would need the Sunday full tape, the incremental tapes from Monday and Tuesday night so 3 tapes total.

What would not be part of our server hardening before we promote a new server to production.
A: Apply all patches.
B: Disable unused ports.
C: Disable non-required services.
D: Open all ports.

CBK 7: Security Operations
Source: ThorTeaches.com practice tests

Answer

“D: Leaving ports open is the opposite of server hardening. When we receive or build new systems they often are completely open, before we introduce them to our environment we harden them. We develop a long list of ports to close, services to disable, accounts to delete, missing patches and many other things.
”

C: The Smurf attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim’s spoofed source IP are broadcast to a computer network using an IP broadcast address. ICMP is a layer 3 protocol.

Data owner should:
A: Make the policies, procedures and standards that govern our data security.
B: Perform the backups and restores.
C: Be trained in the policies, procedures and standards.
D: Assign the sensitivity labels and backup frequency of the data.

CBK 2: Asset Security
Source: ThorTeaches.com practice tests

Answer

D: Data/Information Owner: Management level, they assign sensitivity labels and backup frequency. This could be you or a Data Owner from HR, Payroll or other departments.

A: CASE (Computer-Aided Software Engineering) software is classified into 3 categories: Tools support specific tasks in the software life-cycle. Workbenches combine two or more tools focused on a specific part of the software life-cycle. Environments combine two or more tools or workbenches and support the complete software life-cycle. Used for developing high-quality, defect-free, and maintainable software. Often associated with methods for the development of information systems together with automated tools that can be used in the software development process.

The 13 most valuable IT certifications today

Looking for a leg up in your IT career? IT certifications remain a proven way to quickly gain valuable skills and demonstrate deeper interest and know-how in a domain that will further your career.

Certifications and skills can help boost your salary, set you apart from the competition and help you land promotions in your current role. A survey from Global Knowledge found that 83 percent of IT professionals in the U.S. and Canada hold an IT certification — and in the U.S. the average salary for a certified IT professional is on average $8,400 (or 11.7 percent) higher.

Hiring certified professionals is also beneficial for employers. Of those surveyed, 44 percent of IT decision-makers say certifications result in employees performing work faster, 33 percent said it results in more efficiency when implementing systems and 23 percent say it helps deploy products and services faster with fewer errors.